Ben Natan

Arnon Ben-Natan, Kiryat Tiv'On IL

Patent application number

Description

Published

20140327906

SYSTEM AND METHOD FOR MAINTAINING OPTICS IN FOCUS - According to an embodiment of the invention there is provided a system that may include a pivot chuck that may include : a lower chuck portion; an upper chuck portion; a first distance changing module that may include a pivot mechanism and an angle changing element; wherein the pivot mechanism pivotally couples the lower chuck portion to the upper chuck portion; wherein the angle changing element is coupled between the upper and lower chuck portions; wherein the upper chuck portion may be arranged to support a substrate; wherein the angle changing element may be arranged to induce a rotation of the upper chuck portion in relation to the pivot mechanism in response to first focus correction signals.

11-06-2014

Avishay Ben Natan, Rishon Lezion IL

Patent application number

Description

Published

20090300028

DEVICE AND METHOD FOR MANAGING DIGITAL SIGNAGE SYSTEMS - A method is provided for managing information during a pre-determined period of time at a plurality of remote display surfaces, based on criteria established at a central terminal, wherein the method comprises: i) providing a pre-determined period of time; ii) providing at least two digital signage objects; iii) determining at least one properties' sub set which comprises a plurality of attributes for each of the digital signage objects provided; iv) determining the value of attributes included in the at least one properties' sub set for the duration of the pre-determined period of time; v) establishing at least one identity group comprising digital signage objects each of which is identical in its properties during the respective pre-determined period of time, to the other digital signage objects belonging to a respective identity group; and vi) applying the at least one identity group for managing information at the plurality of remote channels.

12-03-2009

20100066905

SYSTEM, METHOD AND DEVICE FOR DISPLAYING VIDEO SIGNALS - A video displaying system is provided which comprises: display means for displaying an output that is comprised of a plurality of displaying zones, means for providing information conveying tracks and for utilizing information conveyed along these tracks for creating the displayed output, and means operative to synchronize the information conveying tracks. Each of the information conveying tracks of the video displaying system is associated with at least one displaying zone and at least one of the information conveying tracks is associated with at least two displaying zones.

03-18-2010

20100306673

METHOD AND DEVICE FOR ACCESSING DATA IN SIGNAGE SYSTEMS - A method is provided for displaying information at remote terminals, based on criteria established at a central terminal. At the central terminal, a set of rules is selected out of a plurality of pre-defined sets of rules for displaying the information at the respective remote terminal, and based on the selected set of rules, a virtual tokens is created, which is then forwarded to the respective remote terminal. The token is received at the remote terminal, and the identification of the corresponding set of rules is derived. Based on the identified set(s) of rules, one or more corresponding software modules operative to retrieve information originated at additional source(s) is uploaded for use at the respective remote terminal. Next, a display of information that comprises information retrieved by using the corresponding software modules is generated and presented at the remote terminal.

12-02-2010

20140157346

METHODS, DEVICES AND SYSTEMS FOR PEER-TO-PEER VIDEO CONTENT DISTRIBUTION - Methods, apparatuses, and devices for distributing video content in a peer-to-peer network. A video content source outputs video content to a first display device of a plurality of display devices. Each of the plurality of display devices is configured to automatically detect and download video content from one or more others of the plurality of display devices.

Avner Ben Natan, New York, NY US

Patent application number

Description

Published

20100014291

LIGHTING DEVICE - A lighting device comprising a plurality of overlapping leaves hingedly attached to a base that can be manipulated to control the size of an opening through which light from a light source passes, and thereby the size and intensity of the light. In some embodiments the device includes an off-center lighting source whereby a light beam is emitted at an angle to an axis passing through the center of the opening formed by the leaves.

01-21-2010

David Ben Natan, Petach Tikva IL

Patent application number

Description

Published

20100050440

UTENSIL AND METHOD FOR COLLECTING AND POURING POWDERS AND FLUIDS - A utensil and method for collecting measuring and pouring powders and fluids, the utensil is made as a single unit including a collection container, holding handle containing a tube which has one opening in the wall of the collection container and a discharge opening at the end of the handle. The method includes collecting the substance into the collection container, moving the utensil to the place of dispersal, and pouring the collected substance through the discharge opening.

03-04-2010

Ron Ben-Natan, Lexington, MA US

Patent application number

Description

Published

20090271453

Network Intrusion Blocking Security Overlay - A database security overlay that identifies each network and local access gateway to a database, and monitors each access path from the identified gateways to analyze each connection to the database and block any connections determined to transport unauthorized or undesirable content. Access gateways that establish connections are identifiable by interprocess communication (IPC) mechanisms employed in accessing the database. An evaluator monitors access attempts, while a tapping mechanism on IPC mechanisms that provide the connections captures access attempts from the access gateways. The tapping mechanism intercepts and forwards access attempts to the evaluator to centralize and focus DB paths amid multiple local and external connections on the DB server. A lightweight check for each local access quickly determines if the access attempt warrants further scrutiny.

10-29-2009

20100131512

System and methods for selective local database access restriction - A nonintrusive database access monitoring mechanism employs a hybrid approach that disallows, or blocks, the access mediums which are not feasible to intercept or analyze, as well as intercepting and analyzing access mediums for which interception and interrogation is available. Accordingly, various configurations provide the hybrid coverage approach to identifying access mediums, and either block or intercept the access attempts. In this manner, access mediums, such as interprocess communication (IPC) system calls, which may be efficiently intercepted and analyzed are captured and substantively processed, while other access mediums that are excessively burdensome or intrusive to capture are unselectively blocked from any communication, avoiding the need to analyze such access attempts.

05-27-2010

20100131758

Nondesctructive interception of secure data in transit - In a data level security environment, the data level security mechanism operates on plaintext data. Data level security operations identify a point in the information stream where plaintext data is available for interception. Typically this is a point in the processing stream just after the native DBMS decryption functionality has been invoked. A database monitor intercepts and scrutinizes data in transit between an application and a database by identifying a transition point between the encrypted and plaintext data where the cryptographic operations are invoked, and transfers control of the data in transit to a database monitor application subsequent to the availability of the data in plaintext form.

05-27-2010

20100132024

Identifying attribute propagation for multi-tier processing - A multi-tier attribute tracking mechanism provides the ability to identify the end user credentials and other client information and attributes and assign them to database requests in an application server architecture. Disclosed configurations identify the processing unit, or thread, assigned by the operating system to service the incoming request from the user at the application tier. A matching of users to threads allows successive thread activity to be mapped back to the initiating user. Conventional interception of database access attempts at the application level (so called “server taps,” or staps) identified only the database user (the account in the database) and associated connection as the responsible user. By intercepting, or “tapping” the access request at the operating system level (using so-called kernel taps, or “ktaps”), the mechanism matches which application requests map to which database requests. With this matching, the database requests can be tagged with the user credentials which are known through the application request.

05-27-2010

20110313981

Data Privacy, Redaction and Integrity for Relational Databases - A method, a data processing system, and a computer program product for protecting data in a database. A query to a database in a data processing system is received by a security mechanism in the data processing system that is external of the database. The query is converted to a modified query according to a security policy. The modified query is sent to the database, and a response to the modified query is returned.

12-22-2011

20120150880

Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.

06-14-2012

20130151542

Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.

06-13-2013

20130212689

MANAGING NETWORK DATA - A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner.

08-15-2013

20140222842

Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information.

08-07-2014

20140283115

METHOD AND SYSTEM FOR MONITORING ACCESS ATTEMPTS OF SHARED MEMORY OF DATABASES - An approach for auditing database access attempts within a computer system. In one implementation, the computer system provides a target server for directing client requests for database access to the target server. In another implementation, the computer system provides a plurality of filtering agents which intercept the client requests and each filtering agent forwards a respective set of client requests which match a respective filter profile to a processing entity.

09-18-2014

Patent applications by Ron Ben-Natan, Lexington, MA US

Yigal Ben-Natan, Petach-Tikva IL

Patent application number

Description

Published

20140053227

System and Method for Secure Synchronization of Data Across Multiple Computing Devices - A computer implemented method and apparatus comprises detecting a file content update on a first client computer system, the file to be synchronized on a plurality of different types of client computer systems in a plurality of formats. The method further comprises associating a security policy with the file, wherein the security policy includes restrictions to limit one or more actions that can be performed with the file, and synchronizing the file to a second client computing system while applying the security policy to provide controls for enforcement of the restrictions at the second client computer system.